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DETAILED ACTION 

1. Claims 1-34 are pending. 

Response to Arguments 

2. Applicant's arguments filed 7/3/07 have been fully considered but they are not 
persuasive. 

Examiner traverses the argument on pg.1 5-16, that Cromer does not suggest 
that the boot BIOS is stored in a protected are of flash memory. However, according to 
Cromer on col. 5, lines 6-14, explains the storage of the master public key and master 
private key in protected storage wherein such data blocks are utilized in order to provide 
authentication/authorization during boot procedure for a computer attached to a 
network. This suggests a protected are of flash memory because Cromer indicates a 
protected storage device 262 that cannot be read or written to by any other device 
(col.4, lines 37-38). Cromer discloses flash memory 242 is electrically erasable 
programmable read only memory module where this reads on the unprotected area 
because it is erasable read only. Thus, flash memory 242 is an unprotected area 
versus the protected storage device 262 is an area in which no other device is able to 
read or write to it. 

Examiner traverses the argument on end of pg.1 6, that Cromer fails to examine 
an image of the operating system. Cromer discloses a determination of whether a first 
selected device contains an image of a desired operating system such that when there 
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contains an image, a determination of the image is bootable (col. 5, lines 28-31). This 
suggests examining an image of the operating system because Cromer included the 
determining process if there is an image. Thus, also suggest whether the image is 
programmed or not if not bootable. 

Examiner traverses the argument on pg.18, that Vanderpool does not discloses 
images of resource-sparing operating system images. Applicant has mention on pg.13, 
that resource-sparing operating system is well known in the art is often implemented in 
computing device that have limited storage and memory resources. Vanderpool 
suggests such resource-sparing operating system because his computer system have 
at least 16 Mbytes of RAM memory. This suggest a computing device having limited 
storage and memory resources (col. 7, lines 15-18 and col.11, lines 31-35). Further, 
applicant indicated Vanderpool's images are in standard JPEG format. However, 
Vanderpool merely explains the compression/decompression process which performs 
decompression similar to a JPEG format (col.1 1 , lines 36-41 ). Vanderpool does not 
insinuate the images are only in JPEG format. Vanderpool suggests creating a first 
hash of the created image (col.8, lines 4-15) and a second hash of the image from the 
catalog file where the second image obviously is a stored has that will be used as a 
reference to during the comparison process (col.8, lines 35-40). Innuendo, Cromer also 
suggests first and second hash. Thus, the Vanderpool and Cromer combination 
obviously teaches the claimed invention. 

As per the argument on pg.19, where Vanderpool fails to disclose blocking the 
use of the image to boot the computing device when the first hash and the second hash 
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do not match is traversed. Cromer is combined with Vanderpool to teach this limitation. 
Cromer disclose a method and system for performing an authenticated boot of a 
computer system wherein the boot process for a computer system attached to a 
network is authenticated to ensure authorized access to an operating system image 
(col.1, lines 48-51 and col. 5, lines 63-65). Cromer disclose a pre specified list of 
bootable devices is presented to the user for selection and a determination of the 
selected device whether it contains an image of a desired operating system (col. 5, lines 
22-35). Comer discusses hashing the boot record with a hash algorithm and 
determines if the system boots approves or not whereby a password is requested if the 
boot records are not approved. Thereafter, if the password is invalid, then the system is 
halted (col. 5, lines 40-47). Further, Cromer discloses comparing the decrypted received 
hash to a list of authorized operating system boot record hashes (col. 5, lines 55-56). 
Based on the whether the received hash matches an authorized hash, the system then 
boots or halts appropriately (col. 5, lines 59-62). The list of authorized operating system 
boot record hashes is obviously the claimed second hash of the image from the catalog 
file because as established earlier, the catalog file is merely a listing of specific 
information. This reads on the claimed second hash of the image from the catalog file 
and blocking the use of the image to boot the computing device when the first hash and 
the second hash do not match. Therefore, it would have been obvious for a person of 
ordinary skills in the art to combine the teaching of Vanderpool with the teach of 
blocking the use of the image to boot the computing device when the first hash and the 
second hash do not match as taught by Cromer because this ensures the boot process 
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for a computer system is authenticated to ensure authorized access to an operating 
system image which avoids booting an incorrect operating system image (col.5, lines 
55-67). 

All dependent claims are also rejected by virtue of the dependency. 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S. C. 102 that form the basis 
for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

3. Claims 23-34 are rejected under 35 U.S.C. 102(e) as being anticipated by 
Cromer, et al. (US 6,684,326). 

As per claim 23: 

Cromer discloses a portable computing device, comprising: 

flash memory, the flash memory including a protected area and an unprotected 

area; (col. 3, lines 24-25 and col.4, lines 34-57; showing protected storage device 

as the protected are of the flash memory) 
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a bootloader stored in the protected area of flash memory, the bootloader 
containing a crypto module; (col.4, lines 16-22 and col.5, lines 6-14; discusses the 
bootloader information for authentication/authorization during a boot procedure.) 

an operating system image stored in the unprotected area of flash memory; 
(col.3, lines 23-27) 

random access memory (RAM); and (col.11, lines 31-35) 
wherein the crypto module of the bootloader is operative to examine an image 
update to determine if the image update should be programmed into the unprotected 
area of flash memory to boot the device based on information included in a signed 
catalog file embedded in the image update, (col.5, lines 8-14 and 28-62) 
As per claim 24: see Cromer on col.3, lines 22-26; discussing device of claim 23, 
wherein the crypto module programs the image update into the unprotected area of 
flash memory when the device is in test mode. 

As per claim 25: see Cromer on col.3, lines 22-26 and col.5, lines 17-35; 

discussing device of claim 23, wherein the bootloader stores the image update in the 
RAM until the crypto module determines that the image update should be programmed 
into the unprotected area of flash memory to boot the device. 

As per claim 26: see Cromer on col.5, lines 38-62; discussing device of claim 25, 
wherein the crypto module calculates a first hash of the image update, extracts a 
second hash from the catalog file, and compares the first hash and the second hash, 
the crypto module blocking use of the image update when the first hash and the second 
hash do not match. 
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As per claim 27: see Cromer on col.1, lines 53-57 and col.5, lines 11-67; 

discussing device of claim 25, wherein the crypto module extracts a signature 
certification from the catalog file and attempts to validate the signature certification, the 
crypto module blocking use of the image update when the signature certification cannot 
be validated. 

As per claim 28: see Cromer on col.5, lines 12-14 and 38-62; discussing device of 
claim 25, wherein the crypto module extracts make and model attributes from the 
catalog file and compares them to make and model information for the device, the 
crypto module blocking use of the image update when the make and model attributes of 
the image update do not match the make and model attributes of the device. 
As per claim 29: see Cromer on col.3, lines 22-26; discussing device of claim 25, 
wherein the bootloader erases a current device image from the unprotected area of 
flash memory and programs the image update into the unprotected area of flash 
memory when the crypto modules determines that the image update may be used to 
boot the device. 

As per claim 30: see Cromer on col.1, lines 53-57 and col.5, lines 12-14 and 38- 

62; discussing device of claim 23, wherein a second crypto module of a Mira shell is 
operative upon a reset of the device to examine the installed operating system image to 
determine if the installed operating system image should be used to boot the device 
based on information included in a signed catalog file embedded in the installed 
operating system image. 

As per claim 31 : see Cromer on col.5, lines 55-67; discussing device of claim 30, 
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wherein the crypto module in the Mira shell calculates a first hash of the install operating 
system image, extracts a second hash from the catalog file, and compares the first hash : 
and the second hash, the crypto module in the Mira shell blocking use of the image 
update when the first hash and the second hash do not match. 
As per claim 32: see Cromer col.1, lines 53-57 and col. 5, lines 11-14 and 55-67; 
discussing device of claim 30, wherein the crypto module in the Mira shell extracts a 
signature certification from the catalog file and attempts to validate the signature 
certification, the crypto module in the Mira shell blocking use of the installed operating 
system image when the signature certification cannot be validated. 
As per claim 33: see Cromer on col.5, lines 27-55; discussing device of claim 30, 
wherein the crypto module in the Mira shell extracts make and model attributes from the 
catalog file and compares them to make and model information for the device, the 
crypto module in the Mira shell blocking use of the installed operating system image 
when the make and model attributes of the installed operating system image do not 
match the make and model attributes of the device. 

As per claim 34: see Cromer on col.5, lines 15-26; discussing device of claim 30, 
wherein the crypto module in the Mira shell allows the installed operating system image 
to be used to boot the device when the device is in test mode. 
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Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

4. Claims 1-22 are rejected under 35 U.S.C. 103(a) as being unpatentable over 

Vanderpool, et al. (US 5,781,773), and further in view of Cromer, et al. (US 

6,684,326). 

As per claim 1: 

Vanderpool discloses a method of file system protection for a resource-sparing 
operating 

system (OS) image, comprising the steps of: 

loading the image into random access memory (RAM), the image including a 
catalog file embedded therein; (col.11, lines 31-35) 

creating a first hash of the image; (col.8, lines 5-15) 

extracting a second hash of the image from the catalog file; and (col.7, line 63 - 
col.8, line 40) 

[blocking use of the image to boot the computing device when the first hash and 
the second hash do not match]. 

The catalog file can broadly interpret as a list containing specific information (i.e. 
name, location, or hash algorithm). Vanderpool discloses digital audio and compressed 
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video (image) may also be linked to the data record by listing number and copied to and 
stored in the subdirectories under a hash algorithm as a function of the listing number. 
Vanderpool discloses listing or directories of hash algorithms corresponding to a 
thumbnail image and its filenames reads on the claimed hash of the image from the 
catalog file, (col.7, line 63 - col. 8, line 40). Vanderpool includes hashing of the images 
extracting a second hash of the image from the catalog file, but did not go further in 
details of a comparison/matching process. Thus, Vanderpool did not include blocking 
the use of the image to boot the computing device when the first hash and the second 
hash do not match. 

Cromer disclose a method and system for performing an authenticated boot of a 
computer system wherein the boot process for a computer system attached to a 
network is authenticated to ensure authorized access to an operating system image 
(col.1 , lines 48-51 and col. 5, lines 63-65). Cromer disclose a pre specified list of 
bootable devices is presented to the user for selection and a determination of the 
selected device whether it contains an image of a desired operating system (col. 5, lines 
22-35). Comer discusses hashing the boot record with a hash algorithm and 
determines if the system boots approves or not whereby a password is requested if the 
boot records are not approved. Thereafter, if the password is invalid, then the system is 
halted (col. 5, lines 40-47). Further, Cromer discloses comparing the decrypted received 
hash to a list of authorized operating system boot record hashes (col. 5, lines 55-56). 
Based on the whether the received hash matches an authorized hash, the system then 
boots or halts appropriately (col. 5, lines 59-62). The list of authorized operating system 
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boot record hashes is obviously the claimed second hash of the image from the catalog 
file because as established earlier, the catalog file is merely a listing of specific 
information. This reads on the claimed second hash of the image from the catalog file 
and blocking the use of the image to boot the computing device when the first hash and 
the second hash do not match. 

Therefore, it would have been obvious for a person of ordinary skills in the art to 
combine the teaching of Vanderpool with the teach of blocking the use of the image to 
boot the computing device when the first hash and the second hash do not match as 
taught by Cromer because this ensures the boot process for a computer system is 
authenticated to ensure authorized access to an operating system image which avoids 
booting an incorrect operating system image (col. 5, lines 55-67). 
As per claim 2: see Cromer on col.5, lines 55-67; discussing the method of claim 
1 , wherein the step of blocking the use of the image to boot the computing device when 
the first hash and the second hash do not match comprises the step of determining an 
operational mode of the computing device is set to a run mode of operation. 
As per claim 3: see Cromer on col. 3, lines 22-26 and col.5, lines 15-18; 
discussing method of claim 2, wherein the step of blocking the use of the image to boot 
the computing device when the first hash and the second hash do not match is 
bypassed when the step of determining the operational mode of the computing device is 
set to a test mode of operation, the method further comprising the step of loading the 
image into a flash memory of the computing device. 

As per claim 4: see Cromer on col.1, lines 53-57 and col.5, lines 11-67; 
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discussing method of claim 1 , further comprising the steps of validating a signature 
certification of the catalog file, and blocking the use of the image to boot the computing 
device when the signature certification of the catalog file cannot be validated. 
As per claim 5: see Cromer on col.1, lines 53-57 and col.5, lines 11-67; 
discussing method of claim 4, wherein the step of blocking the use of the image to boot 
the computing device when the signature certification of the catalog file cannot be 
validated comprises the step of determining an operational mode of the computing 
device is set to a run mode of operation. 

As per claim 6: see Cromer on col.1, lines 50-52 and col.3, lines 22-26; 

discussing method of claim 5, wherein the step of blocking the use of the image to boot 
the computing device when the signature certification of the catalog file cannot be 
validated is bypassed when the step of determining the operational mode of the 
computing device is set to a test mode of operation, the method further comprising the 
step of loading the image into a flash memory of the computing device. 
As per claim 7: see Cromer on col.5, lines 55-67; discussing method of claim 1 , 
further comprising the steps of extracting first make and model attributes from the 
catalog file, comparing the first make and model attributes from the catalog file with 
second make and model attributes of the computing device, and blocking the use of the 
image to boot the computing device when the first make and model attributes do not 
match the second make and model attributes. 

As per claim 8: see Cromer on col.5, lines 55-67; discussing method of claim 7, 
wherein the step of blocking the use of the image to boot the computing device when 
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the first make and model attributes do not match the second make and model attributes 
comprises the step of determining an operational mode of the computing device is set to 
a run mode of operation. 

As per claim 9: see Cromer on col.1, lines 50-52 and col. 3, lines 22-26 and 
col.5, lines 15-18; discussing method of claim 8, wherein the step of blocking the use 
of the image to boot the computing device when the first make and model attributes do 
not match the second make and model attributes is bypassed when the step of 
determining the operational mode of the computing device is set to a test mode of 
operation, the method further comprising the step of loading the image into a flash 
memory of the computing device. 

As per claim 10: see Cromer on col. 3, lines 22-26; discussing method of claim 1 , 
further comprising the step of booting the computing device from a prior image already 
loaded in flash memory of the computing device. 
As per claim 11: 

Vanderpool discloses a method of file system protection for a resource-sparing 
operating system (OS) image, the image including a catalog file embedded therein, 
comprising the steps of: 

examining the catalog file and the image to determine if the image is a properly 
released image; and (col.11, lines 31-35) 

[blocking use of the image to boot the computing device when the step of 
examining determines that the image is not a properly released image]. 
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The catalog file can broadly interpret as a list containing specific information (i.e. 
name, location, or hash algorithm). Vanderpool discloses digital audio and compressed 
video (image) may also be linked to the data record by listing number and copied to and 
stored in the subdirectories under a hash algorithm as a function of the listing number. 
Vanderpool discloses listing or directories of hash algorithms corresponding to a 
thumbnail image and its filenames reads on the claimed hash of the image from the 
catalog file. (col. 7, line 63 - col. 8, line 40). Vanderpool includes hashing of the images 
extracting a second hash of the image from the catalog file, but did not go further in 
details of a comparison/matching process. Thus, Vanderpool did not include blocking 
the use of the image to boot the computing device when the first hash and the second 
hash do not match. 

Cromer disclose a method and system for performing an authenticated boot of a 
computer system wherein the boot process for a computer system attached to a 
network is authenticated to ensure authorized access to an operating system image 
(col.1 , lines 48-51 and col. 5, lines 63-65). Cromer disclose a pre specified list of 
bootable devices is presented to the user for selection and a determination of the 
selected device whether it contains an image of a desired operating system (col. 5, lines 
22-35). Comer discusses hashing the boot record with a hash algorithm and 
determines if the system boots approves or not whereby a password is requested if the 
boot records are not approved. Thereafter, if the password is invalid, then the system is 
halted (col. 5, lines 40-47). Further, Cromer discloses comparing the decrypted received 
hash to a list of authorized operating system boot record hashes (col. 5, lines 55-56). 
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Based on the whether the received hash matches an authorized hash, the system then 
boots or halts appropriately (col. 5, lines 59-62). The list of authorized operating system 
boot record hashes is obviously the claimed second hash of the image from the catalog 
file because as established earlier, the catalog file is merely a listing of specific 
information. This reads on the claimed second hash of the image from the catalog file 
and blocking the use of the image to boot the computing device when the first hash and 
the second hash do not match. 

Therefore, it would have been obvious for a person of ordinary skills in the art to 
combine the teaching of Vanderpool with the teach of blocking the use of the image to 
boot the computing device when the first hash and the second hash do not match as 
taught by Cromer because this ensures the boot process for a computer system is 
authenticated to ensure authorized access to an operating system image which avoids 
booting an incorrect operating system image (col. 5, lines 55-67). 
As per claim 12: see Cromer on col.11, lines 31-35; discussing method of claim 
1 1 , wherein the step of examining is initiated upon a request to update the image, the 
method further including the step of loading an update image into random access 
memory (RAM). 

As per claim 13: see Cromer on col.5, lines 15-18; discussing method of claim 1 I, 
wherein the step of examining is initiated upon a reset of the device. 
As per claim 14: see Cromer on col.5, lines 55-67; discussing method of claim 1 1 , 
wherein the step of examining comprises the steps of: creating a first hash of the image; 
extracting a second hash of the image from the catalog file; and comparing the first 
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hash and the second hash, and wherein a mismatch provides an indication that the 
image is not a properly released image. 

As per claim 15: see Cromer on col.5, lines 15-67; discussing method of claim 14, 
further comprising the step of determining an operational mode of the device, and 
wherein the step of blocking the use of the image to boot the device is bypassed when 
the operational mode is set to test mode. 

As per claim 16: see Cromer on col. 1, lines 53-57 and col.5, lines 11-67; 

discussing the method of claim 1 1 , wherein the step of examining comprises the steps 
of: extracting a signature certification from the catalog file; validating the signature 
certification; and wherein failure of the step of validating the signature certification 
provides an indication that the image is not a properly released image. 
As per claim 17: see Cromer on col.5, lines 55-67; discussing method of claim 16, 
further comprising the step of determining an operational mode of the device, and 
wherein the step of blocking the use of the image to boot the device is bypassed when 
the operational mode is set to test mode. 

As per claim 18: see Cromer on col.5, lines 22-35 and 55-67; discussing the 
method of claim 1 1 , wherein the step of examining comprises the steps of: extracting 
first make and model attributes from the catalog file; comparing first make and model 
attributes from the catalog file to second make and model attributes of the device; and 
wherein a mismatch between the first and the second make and model attributes 
provides an indication that the image is not a properly released image for the device. 
As per claim 19: see Cromer on col.5, lines 15-35; discussing method of claim 18, 
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further comprising the step of determining an operational mode of the device, and 
wherein the step of blocking the use of the image to boot the device is bypassed when 
the operational mode is set to test mode. 

As per claim 20: see Vanderpool on col.1 1 , lines 31-36; discussing method of 
claim 1 1 , further comprising the step of loading the image into random access memory 
(RAM) of the device, and wherein the step of examining is processed after the step of 
loading. 

As per claim 21: see Cromer on col.3, lines 22-26 and 60-62; discussing method 
of claim 1 1 , wherein when the step of examining determines that the image is a properly 
released image, the method further comprising the steps of: erasing a previous image 
from flash memory of the device; programming the flash memory of the device with the 
properly released image. 

As per claim 22: See Cromer on col.1, lines 53-57 and col. 5, lines 11-67; 

discussing the method of claim 1 1 , wherein the step of examining comprises the steps 
of: creating a first hash of the image; extracting a second hash of the image from the 
catalog file; comparing the first hash and the second hash; extracting a signature 
certification from the catalog file; validating the signature certification; and extracting first 
make and model attributes from the catalog file; comparing first make and model 
attributes from the catalog file to second make and model attributes of the device; and 
wherein any one of a first mismatch between the first hash and the second hash, a 
failure of the step of validating the signature certification, and a second mismatch 
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between the first and the second make and model attributes provides an indication that 
the image is not a properly released image for the device. 



Conclusion 

5. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension 
of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire 
THREE MONTHS from the mailing date of this action. In the event a first reply 
is filed within TWO MONTHS of the mailing date of this final action and the 
advisory action is not mailed until after the end of the THREE-MONTH 
shortened statutory period, then the shortened statutory period will expire on 
the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In 
no event, however, will the statutory period for reply expire later than SIX 
MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to LEYNNA T. HA whose telephone number is (571) 272- 
3851. The examiner can normally be reached on Monday - Thursday (7:00 - 5:00PM). 



Application/ Control Number: 10/727,479 Page 19 

Art Unit: 2135 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on (571) 272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR 
only. For more information about the PAIR system, see http://pair-direct.uspto.gov. 
Should you have questions on access to the Private PAIR system, contact the 
Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like 
assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



LHa 
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